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DETAILED ACTION 



Claims 1-20 have been examined. 



Claim Rejections - 35 (JSC § 103 



2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Dulude et 
al. (hereinafter refereed to as Dulude) (PCT Publication No. WP 98/50875). 

4. As per claim 1 , Dulude teaches an authentication station for authenticating 
a user connected to a network, characterized by comprising: 

digital certificate storage means for storing a digital certificate issued to the user and 
validity data representing validity of the digital certificate [page 5, lines 24-27, 32-35, page 4, 
lines 15-19, and figure 2]; 

registration data storage means for storing as registration data biometrics data based on 
a biological feature of the user [page 7, lines 3-7 and lines 13-19]; 
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a collation server for collating biometrics data transmitted from the user with the 
registration data stored in said registration data storage means [page 13, lines 9-14, 21-29 and 
page 9 f lines 16-24]; and 

authentication means for determining the validity of the digital certificate of the user, for 
which authentication is demanded, on the basis of the validity data stored in said digital 
certificate storage means (i.e., the biometric digital certificate contains a validity period and is 
stored in storage means, see figure 2 and page 5, lines 32-35), and authenticating the user on 
the basis of the collation result of said collation server [page 13, lines 9-14, 21-30, 33-35 and 
page 14, lines 1-4, and page 3, lines 3-5]. 

Furthermore, Dulude teaches the biometric digital certificate that contains a validity 
period and is stored in storage means [see figure 2 and page 5, lines 32-35], and a validity 
period to determine an expiration of validity of digital certificates [page 3, lines 3-5]. Dulude does 
not explicitly teach authenticating the user on the basis of the validity determination. 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to authenticating a user on the basis of the validity determination. It would 
have been obvious because Dulude teaches a biometric digital certificate that contains a validity 
period and is stored in storage means [see figure 2 and page 5, lines 32-35], and a validity 
period to determine an expiration of validity of digital certificates [page 3, lines 3-5]. 

5. As per claim 12, Dulude teaches an authentication method of causing an authentication 
station to authenticate a user connected to a network, characterized by comprising: 

the user registration step of causing the authentication station to issue a digital certificate 
to the user, storing the digital certificate and validity data representing validity of the digital 
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certificate, acquiring biometrics data as a biological feature of the user from the user, and 
storing the biometrics data as registration data [page 7, lines 3-7 and lines 13-19]; 

the user validity determination step of causing the user to transmit the digital certificate 
to the authentication station and causing the authentication station to determine the validity of 
the digital certificate on the basis of the validity data [page 13, lines 9-14, 21-30, 33-35 and 
page 14, lines 1-4, and page 3, lines 3-5]; 

the biometrics data collation step of causing the user to acquire biometrics data and 
transmit the biometrics data to the authentication station, and causing the authentication station 
to collate the biometrics data transmitted from the user with the registration data [page 13, lines 
9-14, 21-29 and page 9, lines 16-24]; and 

the authentication step of authenticating the user on the basis of a collation result of the 
biometrics data [page 13, lines 9-14, 21-30, 33-35 and page 14, lines 1-4, and page 3, lines 3- 
5]. 

Furthermore, Dulude teaches the biometric digital certificate that contains a validity 
period and is stored in storage means [see figure 2 and page 5, lines 32-35], and a validity 
period to determine an expiration of validity of digital certificates [page 3, lines 3-5]. Dulude does 
not explicitly teach authenticating the user on the basis of the validity determination of a digital 
certificate. 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to authenticating a user on the basis of the validity determination of the 
digital certificate. It would have been obvious because Dulude teaches a biometric digital 
certificate that contains a validity period and is stored in storage means [see figure 2 and page 
5, lines 32-35], and a validity period to determine an expiration of validity of digital certificates 
[page 3, lines 3-5]. 
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6. As per claims 2 and 13, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station, characterized in that said collating 
means collates a plurality of kinds of biometrics data [page 13, lines 9-14, 21-30 and page 4, 
lines 15-19]. 

7. As per claims 3 and 14, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station, characterized in that 

said digital means stores valid dates of the registration data stored in said registration 
data storage means (i.e., the biometric digital certificate contains a validity period and is stored 
in storage means, see figure 2 and page 5, lines 32-35), and 

said authentication means determines the validity of the biometrics data of the user, for 
which authentication is demanded, on the basis of the valid dates stored in said digital certificate 
storage means (expiration of a validity of a certificate, see page 3, lines 3-5). 

8. As per claim 4, Dulude teaches an authentication station as applied to claim 3 above. 
Furthermore, Dulude teaches the authentication station, characterized by further comprising an 
issuing station for issuing the digital certificate, said issuing station being adapted to store the 
valid dates of the biometrics data in said digital certificate storage means when issuing the 
digital certificate [page, 6, lines 28-35, page 7, 1-8 and figure 2]. 

9. As per claims 5 and 15, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station, characterized by further comprising 
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amount storage means for storing an authentication compensation amount, said amount 
storage means being adapted to store the authentication compensation amount determined on 
the basis of contents of authentication when performing the authentication [page, 1 1 , lines 5-9, 
and page 12, lines 19-35]. 

10. As per claim 6, Dulude teaches an authentication station as applied to claim 1 above. 
Furthermore, Dulude teaches the authentication station system characterized by 
comprising: 

said authentication station defined in claim 1 ; and 

a user terminal connected to said network and having biometrics data acquisition means 
for causing the user to acquire the biometrics data [page 9, lines 33-35 and page 10, lines 1-10]. 

11. As per claims 7 and 16, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station system characterized in that 

said user terminal stores a private key corresponding to a public key registered in the 
digital certificate, said user terminal generates a digital signature using the private key and 
transmits the digital signature to said authentication station [page 10, lines 29-34], and said 
authentication station authenticates the user using the digital signature transmitted from said 
user terminal [page 12, lines 7-15]. 

12. As per claims 8 and 17, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station system characterized in that 

said user terminal stores a private key corresponding to a public key registered in the 
digital certificate [page 10, lines 29-34], 
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said user terminal generates a digital signature in accordance with the private key and 
the biometrics data and transmits the digital signature to said authentication station [page 10, 
lines 17-21 and lines 29-34], and 

said authentication station authenticates the user in accordance with the digital signature 
transmitted from said user terminal [page 12, lines 7-15]. 

13. As per claims 9 and 18, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station system characterized in that 

said user terminal encrypts the biometrics data from said biometrics data acquisition 
means with the public key of said authentication station and transmits the encrypted biometrics 
data to said authentication station [page 10, lines 11-15]. 

14. As per claims 10 and 19, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station system characterized by comprising: 

authentication request means, connected to said network, for requesting said 
authentication station to authenticate the user [page 9, lines 33-35 and page 10, lines 1-10]. 

15. As per claims 1 1 and 20, Dulude teaches an authentication station as applied above. 
Furthermore, Dulude teaches the authentication station system characterized by comprising 

authentication request means, connected to said network, for requesting said 
authentication station to authenticate the user and notifying said authentication station of 
authentication contents, wherein said authentication station determines the authentication 
compensation amount on the basis of the notified authentication contents [page 9, lines 33-35 
and page 10, lines 1-10]. 
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Conclusion 



16. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. See PTO 892 form. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Beemnet W Dada whose telephone number is (703) 305-8895. The 
examiner can normally be reached on Monday - Friday (8:30 am - 6:00 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y Vu can be reached on (703) 305-4393. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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